摘要
广义签密可以灵活地工作在签密、签名和加密三种模式,具有很强的实用性.本文结合基于格的签名方案和密钥交换协议,构造了一个无陷门的广义签密方案.方案构造中引入了区分函数,根据输入的发送方与接收方密钥情况来自动识别加密、签名和签密三种模式,保障了算法在这三种工作模式下的优美对称性.基于环上判定性LWE问题,并借鉴FO13的方法,证明了该方案满足自适用抗选择密文攻击不可区分性安全性(IND-CCA2)和自适用抗选择消息攻击强不可伪造性安全性(SUF-CMA).该方案是基于Fiat-Shamir的中止(abort)框架,没有用到复杂的原像抽样和陷门生成算法,具有较高的计算效率.
Generalized signcryption can run flexibly in three modes:signcryption,signature and encryption,and has strong practicability.This paper combines lattice⁃based signature scheme and key exchange protocol to construct a trapdoorfree generalized signcryption scheme.In the construction,a distinguishing function is introduced,which automatically identi⁃fies the three modes of encryption,signature and signcryption according to the key conditions of the sender and the receiver.This ensures the excellent symmetry of the algorithm in these three modes.Finally,based on the deterministic learning with errors(LWE)problem on the ring,itused the method of FO13 toprove that the scheme satisfies the indistinguishability against adaptive chosen ciphertext attack(IND-CCA2)security and the strong unforgeability against choosing message at⁃tack(SUF-CMA)security.It is based on Fiat-Shamir with abort framework which does not use complex preimage sample al⁃gorithmand trapdoor generation algorithm,so it has high computational efficiency.
作者
刘镇
吴立强
韩益亮
杨晓元
柳曙光
LIU Zhen;WU Li-qiang;HAN Yi-liang;YANG Xiao-yuan;LIU Shu-guang(Key Laboratory of Network and Information Security,Engineering University of Chinese Armed Police Force,Xi’an,Shaanxi 710086,China)
出处
《电子学报》
EI
CAS
CSCD
北大核心
2021年第7期1314-1322,共9页
Acta Electronica Sinica
基金
国家自然科学基金(No.61572521,No.U1636114,No.61772550)
武警工程大学创新团队科学基金(No.KYTD201805)
陕西省自然科学基础研究计划(No.2021JM-252)
武警工程大学基础研究基金(No.WJY2019014)。
关键词
广义签密
环上的带错学习问题
无陷门格基签密
区分函数
抗量子攻击
generalized signcryption
learning with errors on rings
trapdoor⁃free lattice⁃based signcryption
discern⁃ibility function
quantum attack resistance
